1
linux/net/ipv4
Vasiliy Kulikov 961ed183a9 netfilter: ipt_CLUSTERIP: fix buffer overflow
'buffer' string is copied from userspace.  It is not checked whether it is
zero terminated.  This may lead to overflow inside of simple_strtoul().
Changli Gao suggested to copy not more than user supplied 'size' bytes.

It was introduced before the git epoch.  Files "ipt_CLUSTERIP/*" are
root writable only by default, however, on some setups permissions might be
relaxed to e.g. network admin user.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Acked-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-03-20 15:42:52 +01:00
..
netfilter netfilter: ipt_CLUSTERIP: fix buffer overflow 2011-03-20 15:42:52 +01:00
af_inet.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ah4.c xfrm: Use separate low and high order bits of the sequence numbers in xfrm_skb_cb 2011-03-13 20:22:28 -07:00
arp.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
cipso_ipv4.c Update broken web addresses in the kernel. 2010-10-18 11:03:14 +02:00
datagram.c ipv4: Make output route lookup return rtable directly. 2011-03-02 14:31:35 -08:00
devinet.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-10 14:26:00 -08:00
esp4.c esp4: Add support for IPsec extended sequence numbers 2011-03-13 20:22:29 -07:00
fib_frontend.c ipv4: Use flowi4 in FIB layer. 2011-03-12 15:08:49 -08:00
fib_lookup.h ipv4: Kill fib_semantic_match declaration from fib_lookup.h 2011-03-12 15:08:53 -08:00
fib_rules.c ipv4: Use flowi4 in FIB layer. 2011-03-12 15:08:49 -08:00
fib_semantics.c ipv4: Use flowi4 in FIB layer. 2011-03-12 15:08:49 -08:00
fib_trie.c ipv4: Pass ipv4 flow objects into fib_lookup() paths. 2011-03-12 15:08:47 -08:00
gre.c tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
icmp.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
igmp.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
inet_connection_sock.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
inet_diag.c Revert "netlink: test for all flags of the NLM_F_DUMP composite" 2011-01-19 13:34:20 -08:00
inet_fragment.c
inet_hashtables.c inet: Fix __inet_inherit_port() to correctly increment bsockets and num_owners 2010-11-28 18:18:44 -08:00
inet_lro.c
inet_timewait_sock.c tcp: fix inet_twsk_deschedule() 2011-02-19 18:59:04 -08:00
inetpeer.c inetpeer: should use call_rcu() variant 2011-03-13 23:22:23 -07:00
ip_forward.c
ip_fragment.c ipv4: IP defragmentation must be ECN aware 2011-01-06 11:21:30 -08:00
ip_gre.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ip_input.c netfilter: fix Kconfig dependencies 2011-01-14 13:36:42 +01:00
ip_options.c
ip_output.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
ip_sockglue.c ipv4: add __rcu annotations to ip_ra_chain 2010-10-25 14:18:28 -07:00
ipcomp.c
ipconfig.c net: add some KERN_CONT markers to continuation lines 2010-11-28 10:47:17 -08:00
ipip.c ipv4: Create and use route lookup helpers. 2011-03-12 15:08:42 -08:00
ipmr.c ipv4: Use flowi4 in ipmr code. 2011-03-12 15:08:49 -08:00
Kconfig ipv4: Remove fib_hash. 2011-02-01 15:35:25 -08:00
Makefile ipv4: Remove fib_hash. 2011-02-01 15:35:25 -08:00
netfilter.c ipv4: Use flowi4 in public route lookup interfaces. 2011-03-12 15:08:48 -08:00
proc.c tcp: Replace time wait bucket msg by counter 2010-12-08 12:16:33 -08:00
protocol.c net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
raw.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
route.c net_sched: fix ip_tos2prio 2011-03-15 18:53:54 -07:00
syncookies.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
sysctl_net_ipv4.c net: add limits to ip_default_ttl 2010-12-13 12:16:14 -08:00
tcp_bic.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_cong.c
tcp_cubic.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-15 15:15:17 -07:00
tcp_diag.c
tcp_highspeed.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_htcp.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_hybla.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_illinois.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_input.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-15 15:15:17 -07:00
tcp_ipv4.c ipv4: Make output route lookup return rtable directly. 2011-03-02 14:31:35 -08:00
tcp_lp.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_minisocks.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-08 13:47:38 -08:00
tcp_output.c tcp: undo_retrans counter fixes 2011-02-21 11:31:18 -08:00
tcp_probe.c net: ipv4: tcp_probe: cleanup snprintf() use 2010-11-17 12:27:46 -08:00
tcp_scalable.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_timer.c tcp: Remove debug macro of TCP_CHECK_TIMER 2011-02-20 11:10:14 -08:00
tcp_vegas.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_vegas.h
tcp_veno.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_westwood.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_yeah.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp.c tcp: ioctl type SIOCOUTQNSD returns amount of data not sent 2011-03-09 14:08:09 -08:00
tunnel4.c tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00
udp_impl.h
udp.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
udplite.c net: fix nulls list corruptions in sk_prot_alloc 2010-12-16 14:26:56 -08:00
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c ipv4: Don't pre-seed hoplimit metric. 2010-12-12 22:08:17 -08:00
xfrm4_output.c
xfrm4_policy.c net: Put fl4_* macros to struct flowi4 and use them again. 2011-03-12 15:08:54 -08:00
xfrm4_state.c net: Use flowi4 and flowi6 in xfrm layer. 2011-03-12 15:08:52 -08:00
xfrm4_tunnel.c